Blog
amartinsec

DLL Hijacking - Discovery to Exploitation

.DLLs: Whenever an executable is launched, it will usually load a number of DLLs (Dynamic Link Libraries) that it requires to function properly. These DLLs can provide functions, resources, and va...

Canary Tokens

Canary tokens are a great tool that defenders can use to detect malicious activity on their network. Canary tokens are files/alerting mechanisms that make a “phone home” to alert the creator that t...

Persistence and Profit within the Registry

The Registry: The registry on Microsoft machines acts as a database to store low-level information for the system and its users. Introduced in Windows 3.1, the registry allows for persistence and ev...

A Dive into URI's

Primer: Anytime you make a request in the browser, add an external link to a document, etc., Windows first checks what protocol is specified. The most common are web requests such as: https://github....

You sure you want to copy that?

Intro: Pastejacking attacks are not a new concept in maldev, but they are still an extremely effective method that is making threat actors a dime. Essentially, a user copies a string from a seemingly truste...